Xu An Wang

Provable Secure Generalized Signcryption

Generalized signcryption which proposed by Han is a new cryptographic primitive which can work as an en- cryption scheme, a signature scheme or a signcryption scheme[5]. However,the security proof in their paper is uncorrect. our contribution are as following:First we give security notions for this new primitive.Secnond,we give an attack to [4] which is the first vision of [5] and propose an improved generalized signcryption scheme. Third, we give correct proofs for this new scheme.

CCA Secure Publicly Verifiable Public Key Encryption Without Pairings Nor Random Oracle and Its Applications

hosen ciphertext security (CCA security)hosen ciphertextsecurity (CCA security)C is now a widely acceptednecessary security notion for public key encryption. CCAsecure public verifiable public key encryption has manyapplications such as threshold public key encryption andproxy re-encryption etc. Furthermore, these years “randomoracle model” has seen risen criticize by many cryptographers.Hence, researchers give great effort to pursuepublic key public key encryption with publicly verifiability inthe standard model. However, all the existing CCA securepublicly verifiable public key encryption in the standardmodel relies on costly bilinear pairing. In this paper, basedon Hanaoka and Kurosawa’s efficient CCA secure public keyencryption under Computational Diffle-Hellman assumptionproposed in Asiacrypt’08 and the famous Cramer-Shoupencryption scheme, we try to construct a CCA securepublic verifiable public key encryption without pairing inthe standard model. As a result of its application, weachieve a CCA secure public verifiable threshold public keyencryption without pairing in the standard model, a CCAsecure unidirectional proxy re-encryption without pairingin the standard model.

Improved group-oriented proofs of cloud storage in IoT setting: Improved group-oriented proofs of cloud storage in IoT setting

In the IoT setting, many resource constrained devices outsource their collected data to the Cloud. To ensure the outsourced data has not been lost, these devices need some mechanism to check the integrity of their data. Furthermore, in some settings, ad hoc devices need to act as a group, and in this group, any member may require to verify the integrity of outsourced cloud storage. Aiming at solving this problem, in AISACCS15, first proposed the concept of group‐based proofs of storage (GPoS). In GPoS, a group manager can authorize data owners as group members, and then these group members can outsource files to the cloud storage server; later, each member can verify the integrity of the outsourced cloud storage. They also give a concrete construction of GPoS. Unfortunately, in this paper, we find their scheme is not secure. Recently, also proposed a dynamic group‐based integrity auditing protocol for outsrouced cloud storage; we also show their scheme is not secure either. Finally, we give an improved scheme and roughly analysis to its security and performance.

Identity Based Proxy Re-encryption From BB1 IBE

In 1998, Blaze, Bleumer, and Strauss proposed a kind of cryptographic primitive called proxy re-encryption. In proxy re-encryption, a proxy can transform a ciphertext computed under Alice’s public key into one that can be opened under Bob’s decryption key. In 2007, Matsuo proposed the concept of four types of proxy re-encryption schemes: CBE (Certificate Based Public Key Encryption) to IBE (Identity Based Encryption) (type 1), IBE to IBE (type 2), IBE to CBE (type 3), CBE to CBE (type 4). In this paper, we find that if we allow the PKG to use its masterkey in the process of generating re-encryption key for proxy re-encryption in identity based setting, many open problems can be solved. We give the new security models for proxy reencryption in identity based setting, especially considering PKG’s involving in the re-encryption key generation process and PKG’s master-key’s security. We construct the new IND-ID-CPA and the first IND-ID-CCA2 secure proxy reencryption schemes based on BB1 IBE. We also prove their security by introducing some new techniques which maybe have independent interest. At last, we compare our new schemes with existing ones, the results show that our scheme can achieve high security levels and are very efficient for re-encryption and, which are very important for practical applications.

On the security of two multi-use CCA-secure proxy re-encryption schemes

In proxy re-encryption PRE, a semi-trusted proxy can convert a ciphertext originally intended for Alice into one which can be decrypted by Bob, while the proxy cannot know the corresponding plaintext. PRE can be classified as single-use PRE and multi-use PRE according to the times the ciphertext can be transformed. In multi-use PRE schemes, the ciphertext can be transformed from A to B and to C and so on. In CCS09 post session, Wang et al. proposed a multi-use unidirectional CCA-secure proxy re-encryption scheme. Unfortunately, we show their proposal is not CCA-secure in the corresponding security models by giving concrete attacks. In 2010, Ren et al. proposed a hierarchical identity-based proxy re-encryption scheme without random oracles, and claimed their scheme was also multi-use and CCA-secure, we also show their scheme is not secure.

On the Security of a CCA-Secure Timed-Release Conditional Proxy Broadcast Re-encryption Scheme

Proxy re-encryption acts an important role in secure data sharing in cloud storage. There are many variants of proxy re-encryption until now, in this paper we focus on the timed-realise conditional proxy broadcast re-encryption. In this primitive, if and only the condition and time satisfied the requirement, the proxy can re-encrypt the delegator(broadcast encryption set)’s ciphertext to be the delegatee(another broadcast encryption set)’s ciphertext. Chosen cipertext security (CCA-security) is an important security notion for encryption scheme. In the security model of CCA-security, the adversary can query the decryption oracle to get help, with the only restriction the challenge ciphertext can not be queried to the decryption oracle. For CCA-security of time-realised conditional proxy broadcast re-encryption, the situation is more complicated for this time the adversary can not only get the decryption oracle of normal ciphertext but also the decryption oracle of the re-encrypted ciphertext and the re-encrypted key generation oracle. In 2013, Liang et al. proposed a CCA-secure time-realised conditional proxy broadcast re-encryption scheme, in this paper, we show their proposal is not CCA-secure in the security model of CCA-secure time-realised conditional proxy broadcast re-encryption.

Outsourcing Online/offline Proxy Re-encryption for Mobile Cloud Storage Sharing

Outsourcing heavy storage and computation to the cloud servers now becomes more and more popular. How to secure share the cloud storage is an important problem for many mobile users. Proxy re-encryption is such a cryptographic primitive which can be used to secure share cloud data. Until now there are many kinds of proxy re-encryption schemes with various properties, such as conditional proxy re-encryption, proxy re-encryption with keyword search etc. However until now there exists no work focus on proxy re-encryption for mobile cloud storage sharing. In mobile cloud storage, almost all the users are mobile ones, they only have resource-restricted equipments. In this paper we try to initialize this research, we give a very basic outsourced online/offline proxy re-encryption scheme for mobile cloud storage sharing and leave many interesting open problems as the future work.

More Secure Outsource Protocol for Matrix Multiplication in Cloud Computing

Matrix multiplication is a very basic computation task in many scientific algorithms. Recently Lei et al. proposed an interesting outsource protocol for matrix multiplication in cloud computing. Their proposal is very efficient, however we find that the proposal is not so secure from the view of cryptography. Concretely, the cloud can easily distinguish which matrix has been outsourced from two candidate matrixes. That is, their proposal does not satisfy the indistinguishable property under chosen plaintext attack. Finally we give an improved outsource protocol for matrix multiplication in cloud computing.

Publicly Verifiable 1-norm and 2-norm Operations over Outsourced Data Stream Under Single-Key Setting

With the advent of the big data era, the amount of data computation is getting larger and larger, and the computational load of clients is also increasing day by day. The advent of clouds allows clients to outsource their data to the cloud for computing services. Outsourced computation has greatly reduced the computational burden of clients, but also brings the issue of trust. Because the cloud is not trustworthy, clients need to verify the correctness of the remote computation results. In this paper, we mainly study the common norm operations, and propose two publicly verifiable schemes for 1-norm and 2-norm operations respectively, any client can publicly verify these two common norm operations under single-key setting by using our schemes.

Homomorphic Authentication Based on Rank-Based Merkle Hash Tree

Under the settings of cloud storage, user’s private data is distributed and sent to different servers for storage service, thus authentication systems are required to ensure data integrity. In this paper, combining the idea of Dario Catalanno’s arithmetic circuit with Rank-based Merkle Hash Tree structure, a novel homomorphic authentication scheme is proposed. The main advantage of the proposed scheme is that the integrity of data transmission can be validated between different servers.